﻿// ***********************************************************************************************
// <summary author="holly.dai" create_date="2009-09-08" modify_date="2009-09-25">
//         add summary info
// </summary> 
// <modify_log>
//
// </modify_log>
// <copyright file="HigerMemebershipProvider.cs" company="DEXTRYS" url="http://www.dextrys.com">
//           新宇软件（苏州工业园区）有限公司
// </copyright>
// ***********************************************************************************************
namespace Higer.SharePoint
{
    using System;
    using System.Collections.Generic;
    using System.Collections.Specialized;
    using System.Configuration;
    using System.Configuration.Provider;
    using System.Data;
    using System.Data.SqlClient;
    using System.IO;
    using System.Linq;
    using System.Security.Cryptography;
    using System.Text;
    using System.Web.Configuration;
    using System.Web.Security;

    /// <summary>
    /// 提供给Higer的用户登录接口
    /// </summary>
    public class HigerMemebershipProvider : MembershipProvider
    {
        #region MyRegion
        // public override string ApplicationName {
        //    get {
        //        throw new NotImplementedException();
        //    }
        //    set {
        //        throw new NotImplementedException();
        //    }
        // }

        // public override bool ChangePassword(string username, string oldPassword, string newPassword) {
        //    throw new NotImplementedException();
        // }

        // public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer) {
        //    throw new NotImplementedException();
        // }

        // public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status) {
        //    throw new NotImplementedException();
        // }

        // public override bool DeleteUser(string username, bool deleteAllRelatedData) {
        //    throw new NotImplementedException();
        // }

        // public override bool EnablePasswordReset {
        //    get { throw new NotImplementedException(); }
        // }

        // public override bool EnablePasswordRetrieval {
        //    get { throw new NotImplementedException(); }
        // }

        // public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords) {
        //    throw new NotImplementedException();
        // }

        // public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords) {
        //    throw new NotImplementedException();
        // }

        // public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords) {
        //    throw new NotImplementedException();
        // }

        // public override int GetNumberOfUsersOnline() {
        //    throw new NotImplementedException();
        // }

        // public override string GetPassword(string username, string answer) {
        //    throw new NotImplementedException();
        // }

        // public override MembershipUser GetUser(string username, bool userIsOnline) {
        //    throw new NotImplementedException();
        // }

        // public override MembershipUser GetUser(object providerUserKey, bool userIsOnline) {
        //    throw new NotImplementedException();
        // }

        // public override string GetUserNameByEmail(string email) {
        //    throw new NotImplementedException();
        // }

        // public override int MaxInvalidPasswordAttempts {
        //    get { throw new NotImplementedException(); }
        // }

        // public override int MinRequiredNonAlphanumericCharacters {
        //    get { throw new NotImplementedException(); }
        // }

        // public override int MinRequiredPasswordLength {
        //    get { throw new NotImplementedException(); }
        // }

        // public override int PasswordAttemptWindow {
        //    get { throw new NotImplementedException(); }
        // }

        // public override MembershipPasswordFormat PasswordFormat {
        //    get { throw new NotImplementedException(); }
        // }

        // public override string PasswordStrengthRegularExpression {
        //    get { throw new NotImplementedException(); }
        // }

        // public override bool RequiresQuestionAndAnswer {
        //    get { throw new NotImplementedException(); }
        // }

        // public override bool RequiresUniqueEmail {
        //    get { throw new NotImplementedException(); }
        // }

        // public override string ResetPassword(string username, string answer) {
        //    throw new NotImplementedException();
        // }

        // public override bool UnlockUser(string userName) {
        //    throw new NotImplementedException();
        // }

        // public override void UpdateUser(MembershipUser user) {
        //    throw new NotImplementedException();
        // }

        // public override bool ValidateUser(string username, string password) {
        //    throw new NotImplementedException();
        // }
        #endregion

        #region 自定义属性

        // private string connectionString = "Data Source=HOLLYDAI;Initial Catalog=MEMBERSHIPPROVIDER;Persist Security Info=True;User ID=sa;Password=99525714";

        /// <summary>
        /// 数据连接字符串
        /// </summary>
        private string connectionString = string.Empty;

        #endregion

        #region 重载的属性

        /// <summary>
        /// 可以实现
        /// </summary>
        public override string ApplicationName
        {
            get
            {
                return "/";
            }

            set
            {
            }
        }

        /// <summary>
        /// 获取一个值，以指示是否可以重置密码
        /// </summary>
        public override bool EnablePasswordReset
        {
            get { return false; }
        }

        /// <summary>
        /// 获取一个值，以指示是否允许用户提取密码
        /// </summary>
        public override bool EnablePasswordRetrieval
        {
            get { return false; }
        }

        /// <summary>
        /// 获取一个值，锁定用户之间所允许的重试次数
        /// </summary>
        public override int MaxInvalidPasswordAttempts
        {
            get { return 999; }
        }

        /// <summary>
        /// 获取一个值，密码中最少的特殊字符数
        /// </summary>
        public override int MinRequiredNonAlphanumericCharacters
        {
            get { return 0; }
        }

        /// <summary>
        /// 取得最小密码的长度
        /// </summary>
        public override int MinRequiredPasswordLength
        {
            get { return 1; }
        }

        /// <summary>
        /// 获取在锁定成员资格用户之前允许的最大无效密码或无效密码提示问题答案尝试次数的分钟数。
        /// </summary>
        public override int PasswordAttemptWindow
        {
            get { return 999; }
        }

        /// <summary>
        /// 描述存储成员用户密码的加密格式。
        /// </summary>
        public override MembershipPasswordFormat PasswordFormat
        {
            get { return MembershipPasswordFormat.Hashed; }
        }

        /// <summary>
        /// 获取用于计算密码的正则表达式。
        /// </summary>
        public override string PasswordStrengthRegularExpression
        {
            get { return string.Empty; }
        }

        /// <summary>
        /// 获取一个值，指示是否要求用户解答密码问题以重新提取密码
        /// </summary>
        public override bool RequiresQuestionAndAnswer
        {
            get { return false; }
        }

        /// <summary>
        /// 获取一个值，指示成员资格提供程序是否配置为要求每个用户名具有唯一的电子邮件地址。
        /// </summary>
        public override bool RequiresUniqueEmail
        {
            get { return false; }
        }

        #endregion

        #region 重载的方法

        /// <summary>
        /// 处理更新成员资格用户密码的请求。
        /// </summary>
        /// <param name="username">为其更新密码的用户。</param>
        /// <param name="oldPassword">指定的用户的当前密码。</param>
        /// <param name="newPassword">指定的用户的新密码。</param>
        /// <returns>如果密码更新成功，则为 true；否则为 false。</returns>
        public override bool ChangePassword(string username, string oldPassword, string newPassword)
        {
            return true;
        }

        /// <summary>
        /// 处理更新成员资格用户的密码提示问题和答案的请求。
        /// </summary>
        /// <param name="username">要为其更改密码提示问题和答案的用户。</param>
        /// <param name="password">指定的用户的密码。</param>
        /// <param name="newPasswordQuestion">指定的用户的新密码提示问题。</param>
        /// <param name="newPasswordAnswer">指定的用户的新密码提示问题答案。</param>
        /// <returns>如果成功更新密码提示问题和答案，则为 true；否则，为 false。</returns>
        public override bool ChangePasswordQuestionAndAnswer(string username, string password, string newPasswordQuestion, string newPasswordAnswer)
        {
            return true;
        }

        /// <summary>
        /// 将新的成员资格用户添加到数据源。
        /// </summary>
        /// <param name="username">新用户的用户名。</param>
        /// <param name="password">新用户的密码。</param>
        /// <param name="email">新用户的电子邮件地址。</param>
        /// <param name="passwordQuestion">新用户的密码提示问题</param>
        /// <param name="passwordAnswer">新用户的密码提示问题答案。</param>
        /// <param name="isApproved">是否允许验证新用户。</param>
        /// <param name="providerUserKey">成员资格数据源中该用户的唯一标识符。</param>
        /// <param name="status">一个 System.Web.Security.MembershipCreateStatus 枚举值，指示是否已成功创建用户。</param>
        /// <returns>一个用新创建的用户的信息填充的 System.Web.Security.MembershipUser 对象。</returns>
        public override MembershipUser CreateUser(string username, string password, string email, string passwordQuestion, string passwordAnswer, bool isApproved, object providerUserKey, out MembershipCreateStatus status)
        {
            // IDictionary<String, String> users = this.LoadAllUsers();
            // if (users.ContainsKey(username))
            // {
            //    status = MembershipCreateStatus.DuplicateUserName;
            //    return null;
            // }
            // users.Add(username, password);
            // this.WriteAllUsers(users);
            // status = MembershipCreateStatus.Success;
            // MembershipUser user = new MembershipUser(this.Name, username, username, email, passwordQuestion, "", isApproved, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now);
            // return user;
            status = MembershipCreateStatus.Success;
            return null;
        }

        /// <summary>
        /// 从成员资格数据源删除一个用户。
        /// </summary>
        /// <param name="username">要删除的用户的名称。</param>
        /// <param name="deleteAllRelatedData">如果为 true，则从数据库中删除与该用户相关的数据；如果为 false，则将与该用户相关的数据保留在数据库。</param>
        /// <returns>如果用户被成功删除，则为 true；否则为 false。</returns>
        public override bool DeleteUser(string username, bool deleteAllRelatedData)
        {
            // IDictionary<String, String> users = this.LoadAllUsers();
            // if (users.ContainsKey(username))
            // {
            //    users.Remove(username);
            //    this.WriteAllUsers(users);
            //    return true;
            // }
            // else
            // {
            //    return false;
            // }
            return true;
        }

        /// <summary>
        /// 获取一个成员资格用户的集合，其中的电子邮件地址包含要匹配的指定电子邮件地址。
        /// </summary>
        /// <param name="emailToMatch">要搜索的电子邮件地址。</param>
        /// <param name="pageIndex">要返回的结果页的索引。pageIndex 是从零开始的。</param>
        /// <param name="pageSize">要返回的结果页的大小。</param>
        /// <param name="totalRecords">匹配用户的总数。</param>
        /// <returns>包含一页 pageSizeSystem.Web.Security.MembershipUser 对象的 System.Web.Security.MembershipUserCollection集合，这些对象从 pageIndex 指定的页开始。</returns>
        public override MembershipUserCollection FindUsersByEmail(string emailToMatch, int pageIndex, int pageSize, out int totalRecords)
        {
            totalRecords = 0;
            return null;
        }

        /// <summary>
        /// 获取一个成员资格用户的集合，其中的用户名包含要匹配的指定用户名。
        /// </summary>
        /// <param name="usernameToMatch">要搜索的用户名。</param>
        /// <param name="pageIndex">要返回的结果页的索引。pageIndex 是从零开始的。</param>
        /// <param name="pageSize">要返回的结果页的大小。</param>
        /// <param name="totalRecords">匹配用户的总数。</param>
        /// <returns> 包含一页 pageSizeSystem.Web.Security.MembershipUser 对象的 System.Web.Security.MembershipUserCollection集合，这些对象从 pageIndex 指定的页开始。</returns>
        public override MembershipUserCollection FindUsersByName(string usernameToMatch, int pageIndex, int pageSize, out int totalRecords)
        {
            // MembershipUserCollection result = new MembershipUserCollection();
            // IDictionary<String, String> users = this.LoadAllUsers();
            // foreach (String username in users.Keys)
            // {
            //    if (username.StartsWith(usernameToMatch))
            //    {
            //        result.Add(this.GetUser(usernameToMatch, false));
            //    }
            // }
            // totalRecords = users.Count;
            // return result;
            SqlConnection sqlConnection = new SqlConnection(connectionString);
            SqlCommand sqlCommand = new SqlCommand("moss_klsz_qry_matching_user_list_sp", sqlConnection);

            sqlCommand.CommandType = CommandType.StoredProcedure;
            sqlCommand.Parameters.Add("@@strUserId", SqlDbType.NVarChar, 255).Value = usernameToMatch;

            MembershipUserCollection membershipUsers = new MembershipUserCollection();
            SqlDataReader sqlDataReader = null;
            int counter = 0;

            try
            {
                sqlConnection.Open();
                sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

                int startIndex = pageSize * pageIndex;
                int endIndex = startIndex + pageSize - 1;

                while (sqlDataReader.Read())
                {
                    if (counter >= startIndex)
                    {
                        MembershipUser membershipUser = GetUserFromReader(sqlDataReader);
                        membershipUsers.Add(membershipUser);
                    }

                    if (counter >= endIndex) 
                    { 
                        sqlCommand.Cancel();
                    }

                    counter += 1;
                }
            }
            catch
            {
                // Add exception handling here.
            }
            finally
            {
                if (sqlDataReader != null) 
                {
                    sqlDataReader.Close();
                }
            }

            totalRecords = counter;

            return membershipUsers;
        }

        /// <summary>
        /// 获取数据源中的所有用户的集合，并显示在数据页中。
        /// </summary>
        /// <param name="pageIndex">要返回的结果页的索引。pageIndex 是从零开始的。</param>
        /// <param name="pageSize">要返回的结果页的大小。</param>
        /// <param name="totalRecords">匹配用户的总数</param>
        /// <returns>包含一页 pageSizeSystem.Web.Security.MembershipUser 对象的 System.Web.Security.MembershipUserCollection集合，这些对象从 pageIndex 指定的页开始。</returns>
        public override MembershipUserCollection GetAllUsers(int pageIndex, int pageSize, out int totalRecords)
        {
            // MembershipUserCollection result = new MembershipUserCollection();
            // IDictionary<String, String> users = this.LoadAllUsers();
            // foreach (String username in users.Keys)
            // {
            //    result.Add(this.GetUser(username, false));
            // }
            // totalRecords = users.Count;
            // return result;
            SqlConnection sqlConnection = new SqlConnection(connectionString);
            SqlCommand sqlCommand = new SqlCommand("moss_klsz_qry_all_user_list_sp", sqlConnection);

            sqlCommand.CommandType = CommandType.StoredProcedure;

            MembershipUserCollection users = new MembershipUserCollection();

            SqlDataReader sqlDataReader = null;
            totalRecords = 0;

            try
            {
                sqlConnection.Open();
                sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

                int counter = 0;
                int startIndex = pageSize * pageIndex;
                int endIndex = startIndex + pageSize - 1;

                while (sqlDataReader.Read())
                {
                    if (counter >= startIndex)
                    {
                        users.Add(GetUserFromReader(sqlDataReader));
                    }

                    if (counter >= endIndex) 
                    {
                        sqlCommand.Cancel();
                    }

                    counter += 1;
                }
            }
            catch
            {
                // Add exception handling here.
            }
            finally
            {
                if (sqlDataReader != null)
                {
                    sqlDataReader.Close();
                }
            }

            return users;
        }

        /// <summary>
        /// 获取当前访问该应用程序的用户数。
        /// </summary>
        /// <returns>当前访问该应用程序的用户数</returns>
        public override int GetNumberOfUsersOnline()
        {
            return 0;
        }

        /// <summary>
        /// 从数据源获取指定用户名所对应的密码。
        /// </summary>
        /// <param name="username">为其检索密码的用户。</param>
        /// <param name="answer">用户的密码提示问题答案。</param>
        /// <returns>指定用户名所对应的密码。</returns>
        public override string GetPassword(string username, string answer)
        {
            return string.Empty;
        }

        /// <summary>
        ///  从数据源获取用户的信息。提供一个更新用户最近一次活动的日期/时间戳的选项。
        /// </summary>
        /// <param name="username">要获取其信息的用户名。</param>
        /// <param name="userIsOnline">如果为 true，则更新用户最近一次活动的日期/时间戳；如果为 false，则返回用户信息，但不更新用户最近一次活动的日期/时间戳。</param>
        /// <returns>用数据源中指定用户的信息填充的 System.Web.Security.MembershipUser 对象。</returns>
        public override MembershipUser GetUser(string username, bool userIsOnline)
        {
            // IDictionary<String, String> users = this.LoadAllUsers();
            // if (users.ContainsKey(username))
            // {
            //    MembershipUser result = new MembershipUser(this.Name, username, username, "", "", "", true, false, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now, DateTime.Now);
            //    return result;
            // }
            // else
            // {
            //    return null;
            // }
            SqlConnection sqlConnection = new SqlConnection(connectionString);
            SqlCommand sqlCommand = new SqlCommand("moss_klsz_qry_user_info_sp", sqlConnection);

            sqlCommand.CommandType = CommandType.StoredProcedure;
            sqlCommand.Parameters.Add("@@strUserId", SqlDbType.NVarChar, 255).Value = username;

            MembershipUser membershipUser = null;
            SqlDataReader sqlDataReader = null;

            try
            {
                sqlConnection.Open();

                sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.CloseConnection);

                if (sqlDataReader.HasRows)
                {
                    sqlDataReader.Read();
                    membershipUser = GetUserFromReader(sqlDataReader);

                    // if (userIsOnline)
                    // {
                    //    SqlCommand sqlUpdateCommand = new SqlCommand("User_UpdateActivityDate_ByUserName", sqlConnection);
                    //    sqlUpdateCommand.CommandType = CommandType.StoredProcedure;
                    //    sqlUpdateCommand.Parameters.Add("@username", SqlDbType.NVarChar, 255).Value = username;
                    //    sqlUpdateCommand.Parameters.Add("@applicationName", SqlDbType.NVarChar, 255).Value = applicationName;
                    //    sqlUpdateCommand.ExecuteNonQuery();
                    // }
                }
            }
            catch
            {
                // Add exception handling here.
            }
            finally
            {
                if (sqlDataReader != null) 
                { 
                    sqlDataReader.Close();
                }
            }

            return membershipUser;
        }

        /// <summary>
        /// 根据成员资格用户的唯一标识符从数据源获取用户信息。提供一个更新用户最近一次活动的日期/时间戳的选项。
        /// </summary>
        /// <param name="userID">要获取其信息的成员资格用户的唯一标识符</param>
        /// <param name="userIsOnline">如果为 true，则更新用户最近一次活动的日期/时间戳；如果为 false，则返回用户信息，但不更新用户最近一次活动的日期/时间戳。</param>
        /// <returns>用数据源中指定用户的信息填充的 System.Web.Security.MembershipUser 对象。</returns>
        public override MembershipUser GetUser(object userID, bool userIsOnline)
        {
            // return this.GetUser(providerUserKey.ToString(), userIsOnline);
            return this.GetUser(userID.ToString(), userIsOnline);
        }

        /// <summary>
        /// 获取与指定的电子邮件地址关联的用户名。
        /// </summary>
        /// <param name="email">要搜索的电子邮件地址。</param>
        /// <returns>与指定的电子邮件地址关联的用户名。如果未找到匹配项，则返回 null。</returns>
        public override string GetUserNameByEmail(string email)
        {
            return string.Empty;
        }

        /// <summary>
        /// 清除锁定，以便可以验证该成员资格用户。
        /// </summary>
        /// <param name="userName">要清除其锁定状态的成员资格用户。</param>
        /// <returns>如果成功取消成员资格用户的锁定，则为 true；否则为 false。</returns>
        public override bool UnlockUser(string userName)
        {
            return true;
        }

        /// <summary>
        /// 将用户密码重置为一个自动生成的新密码。
        /// </summary>
        /// <param name="username">为其重置密码的用户。</param>
        /// <param name="answer">指定的用户的密码提示问题答案。</param>
        /// <returns>指定的用户的新密码。</returns>
        public override string ResetPassword(string username, string answer)
        {
            return string.Empty;
        }

        /// <summary>
        /// 更新数据源中有关用户的信息。
        /// </summary>
        /// <param name="user">一个 System.Web.Security.MembershipUser 对象，表示要更新的用户及其更新信息。</param>
        public override void UpdateUser(MembershipUser user)
        {
        }

        /// <summary>
        /// 验证数据源中是否存在指定的用户名和密码。
        /// </summary>
        /// <param name="username">要验证的用户的名称。</param>
        /// <param name="password">指定的用户的密码。</param>
        /// <returns>如果指定的用户名和密码有效，则为 true；否则为 false。</returns>
        public override bool ValidateUser(string username, string password)
        {
            // IDictionary<String, String> users = this.LoadAllUsers();
            // if (!users.ContainsKey(username))
            // {
            //    return false;
            // }
            // if (users[username] != password)
            // {
            //    return false;
            // }
            // return true;
            bool isValid = false;

            SqlConnection sqlConnection = new SqlConnection(connectionString);
            SqlCommand sqlCommand = new SqlCommand("moss_klsz_qry_user_psw_sp", sqlConnection);

            sqlCommand.CommandType = CommandType.StoredProcedure;
            sqlCommand.Parameters.Add("@@strUserId", SqlDbType.NVarChar, 255).Value = username;

            SqlDataReader sqlDataReader = null;

            string storedPassword = String.Empty;

            try
            {
                sqlConnection.Open();
                sqlDataReader = sqlCommand.ExecuteReader(CommandBehavior.SingleRow);

                if (sqlDataReader.HasRows)
                {
                    sqlDataReader.Read();
                    storedPassword = sqlDataReader.GetString(0);
                }
                else
                {
                    return false;
                }

                sqlDataReader.Close();

                if (CheckPassword(password, storedPassword))
                {
                    isValid = true;
                }
                else
                {
                    sqlConnection.Close();
                }
            }
            catch
            {
                // Add exception handling here.
            }
            finally
            {
                if (sqlDataReader != null) 
                { 
                    sqlDataReader.Close();
                }

                if ((sqlConnection != null) && (sqlConnection.State == ConnectionState.Open)) 
                { 
                    sqlConnection.Close(); 
                }
            }

            return isValid;
        }

        #endregion

        #region 自定义方法

        /// <summary>
        /// 初始化提供程序。
        /// </summary>
        /// <param name="name">该提供程序的友好名称。</param>
        /// <param name="config">名称/值对的集合，表示在配置中为该提供程序指定的、提供程序特定的属性。</param>
        public override void Initialize(string name, NameValueCollection config)
        {
            base.Initialize(name, config);

            ConnectionStringSettings connectionStringSettings = ConfigurationManager.ConnectionStrings[config["connectionStringName"]];

            if ((connectionStringSettings == null) || (connectionStringSettings.ConnectionString.Trim() == String.Empty))
            {
                throw new ProviderException("Connection string cannot be blank.");
            }

            connectionString = connectionStringSettings.ConnectionString;
        }

        /// <summary>
        /// Create a MembershipUser object from a data reader.
        /// </summary>
        /// <param name="sqlDataReader">Data reader.</param>
        /// <returns>MembershipUser object.</returns>
        private MembershipUser GetUserFromReader(SqlDataReader sqlDataReader)
        {
            object userID = sqlDataReader.GetValue(0);

            // string userID = sqlDataReader.GetString(0);
            string username = sqlDataReader.GetString(1);

            // string email = sqlDataReader.GetString(2);
            // string passwordQuestion = String.Empty;
            // if (sqlDataReader.GetValue(3) != DBNull.Value)
            // {
            //    passwordQuestion = sqlDataReader.GetString(3);
            // }

            // string comment = String.Empty;
            // if (sqlDataReader.GetValue(4) != DBNull.Value)
            // {
            //    comment = sqlDataReader.GetString(4);
            // }

            // bool isApproved = sqlDataReader.GetBoolean(5);
            // bool isLockedOut = sqlDataReader.GetBoolean(6);
            // DateTime creationDate = sqlDataReader.GetDateTime(7);

            // DateTime lastLoginDate = new DateTime();
            // if (sqlDataReader.GetValue(8) != DBNull.Value)
            // {
            //    lastLoginDate = sqlDataReader.GetDateTime(8);
            // }

            // DateTime lastActivityDate = sqlDataReader.GetDateTime(9);
            // DateTime lastPasswordChangedDate = sqlDataReader.GetDateTime(10);

            // DateTime lastLockedOutDate = new DateTime();
            // if (sqlDataReader.GetValue(11) != DBNull.Value)
            // {
            //    lastLockedOutDate = sqlDataReader.GetDateTime(11);
            // }

            // MembershipUser membershipUser = new MembershipUser(
            //  this.Name,
            // username,
            // userID,
            // email,
            // passwordQuestion,
            // comment,
            // isApproved,
            // isLockedOut,
            // creationDate,
            // lastLoginDate,
            // lastActivityDate,
            // lastPasswordChangedDate,
            // lastLockedOutDate
            //  );
            MembershipUser membershipUser = new MembershipUser(
                this.Name,
                username,
                userID,
                string.Empty,
                string.Empty,
                string.Empty,
                true,
                false,
                DateTime.Now,
                DateTime.Now,
                DateTime.Now,
                DateTime.Now,
                DateTime.Now);

            return membershipUser;
        }

        /// <summary>
        /// 检查密码是否正确
        /// </summary>
        /// <param name="password">用户输入密码</param>
        /// <param name="dbpassword">数据库保存密码</param>
        /// <returns>如果用户输入密码与数据库保存密码一致，则为true；否则为false</returns>
        private bool CheckPassword(string password, string dbpassword)
        {
            string pass1 = password;
            string pass2 = dbpassword;

            switch (PasswordFormat)
            {
                case MembershipPasswordFormat.Encrypted:
                    // pass2 = UnEncodePassword(dbpassword);
                    break;
                case MembershipPasswordFormat.Hashed:
                    pass1 = EncodePassword(password);
                    break;
                default:
                    break;
            }

            if (pass1 == pass2)
            {
                return true;
            }

            return false;
        }

        /// <summary>
        /// Encode password.
        /// </summary>
        /// <param name="password">Password.</param>
        /// <returns>Encoded password.</returns>
        private string EncodePassword(string password)
        {
            string encodedPassword = password;
            encodedPassword = MD5.Encrypt(encodedPassword, 32);
            return encodedPassword;
        }

        #endregion
    }
}

